author | andrewnester <andrew.nester.dev@gmail.com> | 2017-02-17 12:33:35 +0300 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2017-02-17 21:23:16 +0100 |
commit | 15b8b124ae1017dc31dae46cee73b702d77f85b8 (patch) | |
tree | d04a55be258698c8e47ade6ba3c6006c330265ad | |
parent | c240feb7f4471d26b9622f48990e78203145fca6 (diff) | |
download | php-git-15b8b124ae1017dc31dae46cee73b702d77f85b8.tar.gz |
Fixed #74099 - Memory leak with openssl_encrypt()
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | ext/openssl/openssl.c | 4 | ||||
-rw-r--r-- | ext/openssl/tests/bug74099.phpt | 20 |
3 files changed, 22 insertions, 3 deletions
@@ -42,6 +42,7 @@ PHP NEWS - OpenSSL: . Fixed bug #74022 (PHP Fast CGI crashes when reading from a pfx file). (Anatol) + . Fixed bug #74099 (Memory leak with openssl_encrypt()). (Andrew Nester) - Standard: . Fixed bug #74005 (mail.add_x_header causes RFC-breaking lone line feed). diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 8de329aec7..c1b433eb93 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -6309,8 +6309,7 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type, *poutbuf = zend_string_alloc((int)data_len + EVP_CIPHER_block_size(cipher_type), 0); - if ((!enc || data_len > 0) && - !EVP_CipherUpdate(cipher_ctx, (unsigned char*)ZSTR_VAL(*poutbuf), + if (!EVP_CipherUpdate(cipher_ctx, (unsigned char*)ZSTR_VAL(*poutbuf), &i, (unsigned char *)data, (int)data_len)) { /* we don't show warning when we fail but if we ever do, then it should look like this: if (mode->is_single_run_aead && !enc) { @@ -6366,7 +6365,6 @@ PHP_FUNCTION(openssl_encrypt) php_error_docref(NULL, E_WARNING, "Failed to create cipher context"); RETURN_FALSE; } - php_openssl_load_cipher_mode(&mode, cipher_type); if (php_openssl_cipher_init(cipher_type, cipher_ctx, &mode, diff --git a/ext/openssl/tests/bug74099.phpt b/ext/openssl/tests/bug74099.phpt new file mode 100644 index 0000000000..c0e02ba0cc --- /dev/null +++ b/ext/openssl/tests/bug74099.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #74099 Memory leak with openssl_encrypt() +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) die("skip"); +?> +--FILE-- +<?php +$aad = random_bytes(32); +$iv = random_bytes(16); +$key = random_bytes(32); + +$plaintext = ''; +$tag = null; + +$ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, \OPENSSL_RAW_DATA, $iv, $tag, $aad); +var_dump($ciphertext); +?> +--EXPECTF-- +string(0) "" |
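Review bot: The now-unconditional `EVP_CipherUpdate` call in `php_openssl_cipher_update` has no comment saying why it must also run for zero-length data, and the condition it replaces, `(!enc || data_len > 0)`, reads like a harmless shortcut that a later cleanup could reintroduce. In the visible lines this call is the only one that writes `i` for the data pass, so skipping it presumably left `i` holding a value from an earlier step; the start and end of the function are outside the hunk, so that is inferred rather than shown. I would put `/* always run the update, even for empty input, so that i is rewritten for the data pass (bug #74099) */` above the `if`. The `(int)data_len` casts on the allocation and on the call rely on the caller having range-checked `data_len`, which is not visible here and is worth confirming.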
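Review bot: The `--SKIPIF--` section of `bug74099.phpt` only checks that the extension is loaded, so on a build whose OpenSSL does not offer `aes-256-gcm` the test fails instead of skipping. Add `if (!in_array('aes-256-gcm', openssl_get_cipher_methods())) die("skip: aes-256-gcm not available");` there. The test also dumps only `$ciphertext`, so a regression that returns the empty string with a missing or wrong-length tag would still pass. Adding `var_dump(strlen($tag));` with `int(16)` in `--EXPECTF--` would pin that as well.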